Digital Signatures

Digital signatures can be used by Directory Server to maintain integrity
of information. If encryption and message digests are applied to the information
being sent, the recipient can determine that the information was not tampered
with during transit.

Tamper detection and related authentication techniques rely on a mathematical
function called a one-way hash. This function is also
called a message digest. A one-way hash is a number
of fixed length with the following characteristics:

The value of the hash is unique for the hashed data. Any change
in the data, even deleting or altering a single character, results in a different
value.

The content of the hashed data cannot, for all practical purposes,
be deduced from the hash — which is why it is called one-way.

It is possible to use a private key for encryption and a public key
for decryption. Although this is not desirable when you are encrypting sensitive
information, it is a crucial part of digitally signing any data. Instead of
encrypting the data itself, the signing software creates a one-way hash of
the data, then uses your private key to encrypt the hash. The encrypted hash,
along with other information, such as the hashing algorithm, is known as a
digital signature. Figure 2–11 shows
two items transferred to the recipient of some signed data.

Figure 2–11 Digital Signatures

In Figure 2–11, the original
data and the digital signature, which is basically a one-way hash (of the
original data) that has been encrypted with the signer's private key. To validate
the integrity of the data, the receiving software first uses the signer’s
public key to decrypt the hash. It then uses the same hashing algorithm that
generated the original hash to generate a new one-way hash of the same data.
(Information about the hashing algorithm used is sent with the digital signature,
although this isn’t shown in the figure.) Finally, the receiving software
compares the new hash against the original hash. If the two hashes match,
the data has not changed since it was signed. If they don’t match, the
data may have been tampered with since it was signed, or the signature may
have been created with a private key that doesn’t correspond to the
public key presented by the signer.

If the two hashes match, the recipient can be certain that the public
key used to decrypt the digital signature corresponds to the private key used
to create the digital signature. Confirming the identity of the signer, however,
also requires some way of confirming that the public key really belongs to
a particular person or other entity.

The significance of a digital signature is comparable to the significance
of a handwritten signature. Once you have signed some data, it is difficult
to deny doing so later — assuming that the private key has not been
compromised or out of the owner’s control. This quality of digital signatures
provides a high degree of nonrepudiation — that is, digital signatures
make it difficult for the signer to deny having signed the data. In some situations,
a digital signature may be as legally binding as a handwritten signature.